Diffstat (limited to 'src/lib/libssl/src/apps/s_server.c')
-rw-r--r-- | src/lib/libssl/src/apps/s_server.c | 128 |
1 files changed, 0 insertions, 128 deletions
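--- a/src/lib/libssl/src/apps/s_server.c
+++ b/src/lib/libssl/src/apps/s_server.c
@@ -175,9 +175,6 @@
 #ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
 #endif
-#ifndef OPENSSL_NO_SRP
-#include <openssl/srp.h>
-#endif
 #include "s_apps.h"
 #include "timeouts.h"
 
@@ -349,47 +346,6 @@ out_err:
 }
 #endif
 
-#ifndef OPENSSL_NO_SRP
-/* This is a context that we pass to callbacks */
-typedef struct srpsrvparm_st {
-char *login;
-SRP_VBASE *vb;
-SRP_user_pwd *user;
-} srpsrvparm;
-
-/* This callback pretends to require some asynchronous logic in order to obtain
-a verifier. When the callback is called for a new connection we return
-with a negative value. This will provoke the accept etc to return with
-an LOOKUP_X509. The main logic of the reinvokes the suspended call
-(which would normally occur after a worker has finished) and we
-set the user parameters.
-*/
-static int
-ssl_srp_server_param_cb(SSL * s, int *ad, void *arg)
-{
-srpsrvparm *p = (srpsrvparm *) arg;
-if (p->login == NULL && p->user == NULL) {
-p->login = SSL_get_srp_username(s);
-BIO_printf(bio_err, "SRP username = \"%s\"\n", p->login);
-return (-1);
-}
-if (p->user == NULL) {
-BIO_printf(bio_err, "User %s doesn't exist\n", p->login);
-return SSL3_AL_FATAL;
-}
-if (SSL_set_srp_server_param(s, p->user->N, p->user->g, p->user->s, p->user->v,
-p->user->info) < 0) {
-*ad = SSL_AD_INTERNAL_ERROR;
-return SSL3_AL_FATAL;
-}
-BIO_printf(bio_err, "SRP parameters set: username = \"%s\" info=\"%s\" \n", p->login, p->user->info);
-/* need to check whether there are memory leaks */
-p->user = NULL;
-p->login = NULL;
-return SSL_ERROR_NONE;
-}
-
-#endif
 
 static void
 s_server_init(void)
@@ -474,10 +430,6 @@ sv_usage(void)
 BIO_printf(bio_err, " -jpake arg - JPAKE secret to use\n");
 #endif
 #endif
-#ifndef OPENSSL_NO_SRP
-BIO_printf(bio_err, " -srpvfile file - The verifier file for SRP\n");
-BIO_printf(bio_err, " -srpuserseed string - A seed string for a default user salt.\n");
-#endif
 BIO_printf(bio_err, " -ssl2 - Just talk SSLv2\n");
 BIO_printf(bio_err, " -ssl3 - Just talk SSLv3\n");
 BIO_printf(bio_err, " -tls1_2 - Just talk TLSv1.2\n");
@@ -727,9 +679,6 @@ int s_server_main(int, char **);
 #ifndef OPENSSL_NO_JPAKE
 static char *jpake_secret = NULL;
 #endif
-#ifndef OPENSSL_NO_SRP
-static srpsrvparm srp_callback_parm;
-#endif
 #ifndef OPENSSL_NO_SRTP
 static char *srtp_profiles = NULL;
 #endif
@@ -775,10 +724,6 @@ s_server_main(int argc, char *argv[])
 /* by default do not send a PSK identity hint */
 static char *psk_identity_hint = NULL;
 #endif
-#ifndef OPENSSL_NO_SRP
-char *srpuserseed = NULL;
-char *srp_verifier_file = NULL;
-#endif
 meth = SSLv23_server_method();
 
 local_argc = argc;
@@ -977,19 +922,6 @@ s_server_main(int argc, char *argv[])
 }
 }
 #endif
-#ifndef OPENSSL_NO_SRP
-else if (strcmp(*argv, "-srpvfile") == 0) {
-if (--argc < 1)
-goto bad;
-srp_verifier_file = *(++argv);
-meth = TLSv1_server_method();
-} else if (strcmp(*argv, "-srpuserseed") == 0) {
-if (--argc < 1)
-goto bad;
-srpuserseed = *(++argv);
-meth = TLSv1_server_method();
-}
-#endif
 else if (strcmp(*argv, "-www") == 0) {
 www = 1;
 } else if (strcmp(*argv, "-WWW") == 0) {
@@ -1535,22 +1467,6 @@ bad:
 }
 #endif
 
-#ifndef OPENSSL_NO_SRP
-if (srp_verifier_file != NULL) {
-srp_callback_parm.vb = SRP_VBASE_new(srpuserseed);
-srp_callback_parm.user = NULL;
-srp_callback_parm.login = NULL;
-if ((ret = SRP_VBASE_init(srp_callback_parm.vb, srp_verifier_file)) != SRP_NO_ERROR) {
-BIO_printf(bio_err,
-"Cannot initialize SRP verifier file \"%s\":ret=%d\n",
-srp_verifier_file, ret);
-goto end;
-}
-SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, verify_callback);
-SSL_CTX_set_srp_cb_arg(ctx, &srp_callback_parm);
-SSL_CTX_set_srp_username_callback(ctx, ssl_srp_server_param_cb);
-} else
-#endif
 if (CAfile != NULL) {
 SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));
 #ifndef OPENSSL_NO_TLSEXT
@@ -1866,17 +1782,6 @@ sv_body(char *hostname, int s, unsigned char *context)
 }
 #endif
 k = SSL_write(con, &(buf[l]), (unsigned int) i);
-#ifndef OPENSSL_NO_SRP
-while (SSL_get_error(con, k) == SSL_ERROR_WANT_X509_LOOKUP) {
-BIO_printf(bio_s_out, "LOOKUP renego during write\n");
-srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login);
-if (srp_callback_parm.user)
-BIO_printf(bio_s_out, "LOOKUP done %s\n", srp_callback_parm.user->info);
-else
-BIO_printf(bio_s_out, "LOOKUP not successful\n");
-k = SSL_write(con, &(buf[l]), (unsigned int) i);
-}
-#endif
 switch (SSL_get_error(con, k)) {
 case SSL_ERROR_NONE:
 break;
@@ -1917,17 +1822,6 @@ sv_body(char *hostname, int s, unsigned char *context)
 } else {
 again:
 i = SSL_read(con, (char *) buf, bufsize);
-#ifndef OPENSSL_NO_SRP
-while (SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
-BIO_printf(bio_s_out, "LOOKUP renego during read\n");
-srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login);
-if (srp_callback_parm.user)
-BIO_printf(bio_s_out, "LOOKUP done %s\n", srp_callback_parm.user->info);
-else
-BIO_printf(bio_s_out, "LOOKUP not successful\n");
-i = SSL_read(con, (char *) buf, bufsize);
-}
-#endif
 switch (SSL_get_error(con, i)) {
 case SSL_ERROR_NONE:
 write(fileno(stdout), buf,
@@ -2002,17 +1896,6 @@ init_ssl_connection(SSL * con)
 
 
 i = SSL_accept(con);
-#ifndef OPENSSL_NO_SRP
-while (i <= 0 && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
-BIO_printf(bio_s_out, "LOOKUP during accept %s\n", srp_callback_parm.login);
-srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login);
-if (srp_callback_parm.user)
-BIO_printf(bio_s_out, "LOOKUP done %s\n", srp_callback_parm.user->info);
-else
-BIO_printf(bio_s_out, "LOOKUP not successful\n");
-i = SSL_accept(con);
-}
-#endif
 if (i <= 0) {
 if (BIO_sock_should_retry(i)) {
 BIO_printf(bio_s_out, "DELAY\n");
@@ -2223,17 +2106,6 @@ www_body(char *hostname, int s, unsigned char *context)
 for (;;) {
 if (hack) {
 i = SSL_accept(con);
-#ifndef OPENSSL_NO_SRP
-while (i <= 0 && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
-BIO_printf(bio_s_out, "LOOKUP during accept %s\n", srp_callback_parm.login);
-srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login);
-if (srp_callback_parm.user)
-BIO_printf(bio_s_out, "LOOKUP done %s\n", srp_callback_parm.user->info);
-else
-BIO_printf(bio_s_out, "LOOKUP not successful\n");
-i = SSL_accept(con);
-}
-#endif
 switch (SSL_get_error(con, i)) {
 case SSL_ERROR_NONE:
 break;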